ROS-20240805-03

2024-08-05 00:00:00
redos.red-soft.ru
Tags: http/2, network connection, plaintext transmission, ssh protocol, go programming, information disclosure, consul service, denial of service, peer-to-peer, unix

CVSS3: 7.5
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score: 8.1
Confidence: High

EPSS: 0.965
Percentile: 99.6%

A vulnerability in the HTTP/2 protocol implementation is related to the possibility of generating a stream of requests within an already established network connection, without opening new network connections and without acknowledging the receipt of packets. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.

A vulnerability in the cmd-go component of the Go programming language is related to the transmission of data in plaintext. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information.

A vulnerability in the implementation of the SSH protocol is related to the ability to adjust packet sequence numbers during the connection negotiation process and cause an arbitrary number of SSH service messages to be deleted. Exploitation of the vulnerability could allow a remote attacker to bypass integrity checks, disable existing security features, and gain unauthorized access to protected information.

A vulnerability in the net/http package of the Go programming language is related to information disclosure. Exploitation of this vulnerability may allow a remote attacker to disclose protected information.

A vulnerability in the Consul and Consul Enterprise service configuration tool is related to a bug in which a peer-to-peer cluster with a service with the same name as the local service could corrupt Consul state. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.

OS    | OS Version | Architecture | Package | Package Version | Filename
redos | 7.3        | x86_64       | consul  | < 1.18.2-1      | UNKNOWN
